Before claiming that a stereotype is false, please be sure that it is. Looking on secunia, PHP 4.3.x has had 4 security advisories this year, of which one is still unpatched. (A remote information exposure bug.) Last year they had 5 advisories of which one is still unpatched. (You can locally hijack port 80.) All of these bugs affected all operating systems that PHP is on.

In that time Perl 5.x has had one security hole, which is now patched. That was a buffer overflow bug in the Windows version of stat.

From that I'd say that PHP really does have a security track record that could legitimately cause concern.

Went to join the gridlock to see it
Held an eclipse party
Watched a live feed
I cn"t see tge kwubosd to amswr thus
I tried to see it, but 8000 miles of rock got in the way
What eclipse?
Wanted to see it, but they wouldn't reschedule it
Read the book instead